Splunk Series II: Knowledge Objects and Managing Fields

Introduction to Knowledge objects

These are tools you use to discover and analyze various aspects of your data

* Data Interpretation – Fields and field extractions
* Data Classification – Event types
* Data Enrichment – Lookups and Workflow Actions
* Normalization – Tasks and Field Aliases
* Datasets – Data models

Knowledge objects can be shared between users, they are reusable, are made of persistent objects that can be used by multiple people or apps, such as macros and reports. They are also searchable since the objects are persistent, they can be used in a search

UntitledImage

What is next?

Workflow Actions

About the Author:

Andres Sarmiento, CCIE # 53520 (Collaboration)
With more than 15 years of experience, Andres is specialized in Unified Communications and Collaboration technologies. Consulted for several companies in South Florida, also Financial Institutions on behalf of Cisco Systems. Andres has been involved in high-profile implementations including Cisco technologies; such as Data Center, UC & Collaboration, Contact Center Express, Routing & Switching, Security and Hosted IPT Service provider infrastructures.

You can follow Andres using Twitter, LinkedIn or Facebook

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.